package com.lyf.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
@RequestMapping("order")
public class OrderController {

    @RequestMapping("save")
    @RequiresRoles(logical = Logical.OR,value = {"admin","user"})//需要有user或admin角色
    @RequiresPermissions("user:save:01")//需要权限字符串
    public String save() {
        System.out.println("保存订单");

        return "redirect:/index.jsp";
    }
}
